The French defense and electronics manufacturer Thales has just won two juicy contracts around the computer security of the second generation of the Galileo program, this constellation of navigation satellites. This represents for the industrialist the tidy sum of more than 60 million euros. He is now in charge of all “elements related to security and resilience” of the program. Thales had already won the infrastructure security supervision contract in May, and the system security specification and design contract in April.
SOC and post-quantum encryption
Concretely, Thales will design and qualify the Security Operations Center (SOC), a “very complex” structure given the nature of the Galileo constellation. In addition to its 4 billion civilian users, the satellite navigation system operates a government signal, dedicated to sensitive military-type applications. Set up with the Italian group Leonardo, the solution must be able to automate incident response and network flow monitoring, while being “capable of storing a significant amount of data.”
The other major security project relates to the development of encryption solutions resistant to quantum threats, a reference to quantum computers whose computing power should be sufficient to easily break current encryption algorithms. One of the new encryption algorithms developed by the company and partners, Falcon, based on “more difficult mathematical problems to solve, even for a quantum computer”, she says, has already been retained by the US administration.
Growing threats
Lionel Salmon, cybersecurity director for space systems at Thales, distinguishes between two types of threat against space systems. First of all the attacks on the system on the ground, finally quite classic. And then those directed against a satellite system. “If the latter falls, this can potentially have great consequences,” he explains to ZDNET.fr.
The interruption of service, however, might not be the most interesting effect. Its alteration could be even more valuable for an attacker, especially in the case of a navigation system like Galileo, for example by distorting the location data provided by the system.
The computer attack which had targeted the European network KA-SAT a year ago, attributed to Russia, recalled the security issues around space systems, even if this hacking had targeted the service and not the satellites themselves. A report from the University of Oxford indicated, however, that the latter could well be the weak link.
These satellites, with increasingly complex computing, can remain in orbit for more than a decade, with limited upgrade possibilities. They are thus not flawless, as had been proven recently… Thales, which had succeeded in taking control of a nano-satellite demonstration of the European Space Agency during an offensive security exercise.